摘要
SQL注入攻击是目前网络攻击的主要手段之一,目前防火墙不能对SQL注入漏洞进行有效的防范。网络应用程序被SQL注入攻击,对数据库进行破坏性的攻击,这种攻击的技术难度不高,但危害性大。介绍了SQL注入攻击的概念、分析了SQL注入攻击的原理,最后总结了防御SQL注入攻击的方法。希望广大的WEB应用程序开发人员在开发过程中不断地提高程序的安全性。
SQL injection attack is one of the primary means of network attacks, the firewall can not effectively prevent from SQL injection vulnerability at present. Network application is attacked by SQL injection which carries devastating attacks against the database, such technical difficulty attack is not so high, but the danger is serious. This paper introduces the concept of SQL injection attacks, analyses the principle of SQL injection attacks, and finally concludes defense against SQL injection attacks hoping WEB application developers improving the security of program in the developing process.
出处
《陕西交通职业技术学院学报》
2012年第4期51-52,共2页
Journal of Shaanxi College of Communication Technology
